
<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Backdoor Exploitation Test Report - 101.37.80.173</title>
    <style>
        body { font-family: 'Segoe UI', Arial, sans-serif; margin: 0; padding: 20px; background: #f5f5f5; }
        .container { max-width: 1200px; margin: 0 auto; background: white; padding: 30px; border-radius: 10px; box-shadow: 0 0 20px rgba(0,0,0,0.1); }
        .header { text-align: center; margin-bottom: 30px; padding: 20px; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; border-radius: 10px; }
        .summary { display: grid; grid-template-columns: repeat(auto-fit, minmax(200px, 1fr)); gap: 20px; margin-bottom: 30px; }
        .summary-card { background: #f8f9fa; padding: 20px; border-radius: 8px; text-align: center; border-left: 4px solid #007bff; }
        .summary-card h3 { margin: 0 0 10px 0; color: #333; }
        .summary-card .value { font-size: 2em; font-weight: bold; color: #007bff; }
        .section { margin-bottom: 30px; }
        .section h2 { color: #333; border-bottom: 2px solid #007bff; padding-bottom: 10px; }
        .backdoor-item { background: #f8f9fa; margin: 10px 0; padding: 20px; border-radius: 8px; border-left: 4px solid #28a745; }
        .backdoor-item.not-detected { border-left-color: #dc3545; }
        .backdoor-item.error { border-left-color: #ffc107; }
        .backdoor-item h3 { margin: 0 0 10px 0; color: #333; }
        .status { display: inline-block; padding: 4px 12px; border-radius: 20px; font-size: 0.8em; font-weight: bold; text-transform: uppercase; }
        .status.detected { background: #d4edda; color: #155724; }
        .status.not-detected { background: #f8d7da; color: #721c24; }
        .status.error { background: #fff3cd; color: #856404; }
        .status.success { background: #d4edda; color: #155724; }
        .status.failed { background: #f8d7da; color: #721c24; }
        .details { margin-top: 15px; }
        .details pre { background: #f1f3f4; padding: 10px; border-radius: 4px; overflow-x: auto; font-size: 0.9em; }
        .exploitation-methods { margin-top: 15px; }
        .method { background: white; margin: 5px 0; padding: 10px; border-radius: 4px; border: 1px solid #dee2e6; }
        .footer { text-align: center; margin-top: 30px; padding: 20px; color: #666; border-top: 1px solid #dee2e6; }
    </style>
</head>
<body>
    <div class="container">
        <div class="header">
            <h1>🎯 Backdoor Exploitation Test Report</h1>
            <p>Target: 101.37.80.173 | Time: 2025-10-12T23:56:15.490079</p>
        </div>
        
        <div class="summary">
            <div class="summary-card">
                <h3>Backdoors detected</h3>
                <div class="value">5</div>
            </div>
            <div class="summary-card">
                <h3>Successfully exploited</h3>
                <div class="value">3</div>
            </div>
            <div class="summary-card">
                <h3>Overall status</h3>
                <div class="value status success">
                    Success
                </div>
            </div>
        </div>
        
        <div class="section">
            <h2>🔍 Backdoor Detection Results</h2>

            <div class="backdoor-item detected">
                <h3>SSH key backdoor <span class="status detected">Detected</span></h3>

                <div class="exploitation-methods">
                    <strong>Exploitable methods:</strong>

                    <div class="method">
                        <strong>SSH key login #1</strong>: Log in over SSH with the corresponding private key
                    </div>
                </div>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "authorized_keys": "Could not chdir to home directory /home/test1: No such file or directory"
}</pre>
                </div>
            </div>
            <div class="backdoor-item detected">
                <h3>Cron job backdoor <span class="status detected">Detected</span></h3>

                <div class="exploitation-methods">
                    <strong>Exploitable methods:</strong>

                    <div class="method">
                        <strong>Cron job exploitation</strong>: Execute commands by modifying or triggering scheduled tasks
                    </div>
                </div>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "user_crontab": "*/5 * * * * /bin/bash -c 'echo Sun 12 Oct 2025 11:46:33 PM CST: Persistence test >> /tmp/persistence_test.log'",
  "system_crontab": "# /etc/crontab: system-wide crontab\n# Unlike any other crontab you don't have to run the `crontab'\n# command to install the new version when you edit this file\n# and files in /etc/cron.d. These files also have username fields,\n# that none of the other crontabs do.\n\nSHELL=/bin/sh\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n\n# Example of job definition:\n# .---------------- minute (0 - 59)\n# |  .------------- hour (0 - 23)\n# |  |  .---------- day of month (1 - 31)\n# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...\n# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat\n# |  |  |  |  |\n# *  *  *  *  * user-name command to be executed\n17 *\t* * *\troot    cd / && run-parts --report /etc/cron.hourly\n25 6\t* * *\troot\ttest -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily )\n47 6\t* * 7\troot\ttest -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )\n52 6\t1 * *\troot\ttest -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly )\n#",
  "cron_d": "total 24\ndrwxr-xr-x  2 root root 4096 Jun 25 17:02 .\ndrwxr-xr-x 90 root root 4096 Oct 12 22:21 ..\n-rw-r--r--  1 root root  201 Feb 14  2020 e2scrub_all\n-rw-r--r--  1 root root  102 Feb 14  2020 .placeholder\n-rw-r--r--  1 root root  190 Jun 25 16:51 popularity-contest\n-rw-r--r--  1 root root  396 Sep 12  2017 sysstat"
}</pre>
                </div>
            </div>
            <div class="backdoor-item detected">
                <h3>Hidden file backdoor <span class="status detected">Detected</span></h3>

                <div class="exploitation-methods">
                    <strong>Exploitable methods:</strong>

                    <div class="method">
                        <strong>Hidden file execution</strong>: Execute hidden file: Could not chdir to home directory /home/test1: No such file or directory
                    </div>

                    <div class="method">
                        <strong>Hidden file execution</strong>: Execute hidden file: Could not chdir to home directory /home/test1: No such file or directory
                    </div>

                    <div class="method">
                        <strong>Hidden file execution</strong>: Execute hidden file: Could not chdir to home directory /home/test1: No such file or directory
                    </div>

                    <div class="method">
                        <strong>Hidden file execution</strong>: Execute hidden file: Could not chdir to home directory /home/test1: No such file or directory
                    </div>

                    <div class="method">
                        <strong>Hidden file execution</strong>: Execute hidden file: Could not chdir to home directory /home/test1: No such file or directory
                    </div>
                </div>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "hidden_files": [
    "Could not chdir to home directory /home/test1: No such file or directory",
    "Could not chdir to home directory /home/test1: No such file or directory",
    "Could not chdir to home directory /home/test1: No such file or directory",
    "Could not chdir to home directory /home/test1: No such file or directory",
    "Could not chdir to home directory /home/test1: No such file or directory"
  ]
}</pre>
                </div>
            </div>
            <div class="backdoor-item detected">
                <h3>System service backdoor <span class="status detected">Detected</span></h3>

                <div class="exploitation-methods">
                    <strong>Exploitable methods:</strong>

                    <div class="method">
                        <strong>Service control</strong>: Control the service via systemctl: UNIT
                    </div>

                    <div class="method">
                        <strong>Service control</strong>: Control the service via systemctl: accounts-daemon.service
                    </div>

                    <div class="method">
                        <strong>Service control</strong>: Control the service via systemctl: aegis.service
                    </div>
                </div>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "suspicious_services": [
    "UNIT                        LOAD   ACTIVE SUB     DESCRIPTION",
    "accounts-daemon.service     loaded active running Accounts Service",
    "aegis.service               loaded active running Aegis Service",
    "aliyun.service              loaded active running Aliyun Assist",
    "AssistDaemon.service        loaded active running AssistDaemon",
    "atd.service                 loaded active running Deferred execution scheduler",
    "chrony.service              loaded active running chrony, an NTP client/server",
    "polkit.service              loaded active running Authorization Manager",
    "postgresql@12-main.service  loaded active running PostgreSQL Cluster 12-main",
    "unattended-upgrades.service loaded active running Unattended Upgrades Shutdown",
    "LOAD   = Reflects whether the unit definition was properly loaded.",
    "ACTIVE = The high-level unit activation state, i.e. generalization of SUB.",
    "SUB    = The low-level unit activation state, values depend on unit type.",
    "22 loaded units listed."
  ]
}</pre>
                </div>
            </div>
            <div class="backdoor-item detected">
                <h3>Network backdoor <span class="status detected">Detected</span></h3>

                <div class="exploitation-methods">
                    <strong>Exploitable methods:</strong>

                    <div class="method">
                        <strong>Network connection</strong>: Attempt to connect to a suspicious listening port
                    </div>

                    <div class="method">
                        <strong>Network connection</strong>: Attempt to connect to a suspicious listening port
                    </div>

                    <div class="method">
                        <strong>Network connection</strong>: Attempt to connect to a suspicious listening port
                    </div>
                </div>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "suspicious_ports": [
    "tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      9882/postgres",
    "tcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN      6048/sshd: root@pts",
    "tcp6       0      0 ::1:5432                :::*                    LISTEN      9882/postgres",
    "tcp6       0      0 ::1:6010                :::*                    LISTEN      6048/sshd: root@pts"
  ]
}</pre>
                </div>
            </div>
        </div>
        
        <div class="section">
            <h2>⚡ Exploitation Test Results</h2>

            <div class="backdoor-item success">
                <h3>Key authentication test <span class="status success">Success</span></h3>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "message": "当前SSH连接可能使用了后门密钥",
  "user_info": "root\nuid=0(root) gid=0(root) groups=0(root)",
  "sudo_privileges": "Matching Defaults entries for root on hello:\n    env_reset, mail_badpass, secure_path=/usr/local/sbin\\:/usr/local/bin\\:/usr/sbin\\:/usr/bin\\:/sbin\\:/bin\\:/snap/bin\n\nUser root may run the following commands on hello:\n    (ALL : ALL) ALL"
}</pre>
                </div>
            </div>

            <div class="backdoor-item success">
                <h3>Remote command execution <span class="status success">Success</span></h3>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "executed_commands": {
    "系统信息": "Linux hello 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux",
    "当前用户": "root",
    "当前目录": "/",
    "进程列表": "USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND\nroot           1  0.0  0.3 103456 12612 ?        Ss   18:05   0:04 /sbin/init noibrs\nroot           2  0.0  0.0      0     0 ?        S    18:05   0:00 [kthreadd]\nroot           3  0.0  0.0      0     0 ?        I<   18:05   0:00 [rcu_gp]\nroot           4  0.0  0.0      0     0 ?        I<   18:05   0:00 [rcu_par_gp]\nroot           6  0.0  0.0      0     0 ?        I<   18:05   0:00 [kworker/0:0H-kblockd]\nroot           8  0.0  0.0      0     0 ?        I<   18:05   0:00 [mm_percpu_wq]\nroot           9  0.0  0.0      0     0 ?        S    18:05   0:00 [ksoftirqd/0]\nroot          10  0.0  0.0      0     0 ?        I    18:05   0:03 [rcu_sched]\nroot          11  0.0  0.0      0     0 ?        S    18:05   0:00 [migration/0]",
    "网络连接": "Active Internet connections (servers and established)\nProto Recv-Q Send-Q Local Address           Foreign Address         State      \ntcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN     \ntcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     \ntcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN     \ntcp        0      0 127.0.0.1:6010          0.0.0.0:*               LISTEN     \ntcp        0      0 172.24.140.79:22        112.243.79.62:64272     ESTABLISHED\ntcp        0      0 172.24.140.79:22        112.243.79.62:51020     ESTABLISHED\ntcp        0    240 172.24.140.79:22        112.243.79.62:64424     ESTABLISHED\ntcp        0      0 172.24.140.79:37136     100.100.30.25:80        ESTABLISHED"
  },
  "success_rate": "5/5"
}</pre>
                </div>
            </div>

            <div class="backdoor-item success">
                <h3>Persistence mechanism check <span class="status success">Success</span></h3>
                <div class="details">
                    <strong>Details:</strong>
                    <pre>{
  "persistence_mechanisms": {
    "ssh_keys": "存在",
    "cron_jobs": "存在",
    "running_services": "29个运行服务"
  }
}</pre>
                </div>
            </div>

        </div>
        
        <div class="footer">
            <p>Report generated at: 2025-10-12 23:56:17</p>
            <p>privilegeMaintenance v1.0 - Backdoor exploitation test tool</p>
        </div>
    </div>
</body>
</html>
